Category: Uncategorized

A grad student in Indiana has created a boarding pass generator for NWA flights.

A 24-year-old computer security student working on his doctorate at Indiana University Bloomington has created a Web site that allows anyone with an Internet connection and a printer to create and print fake boarding passes for Northwest Airlines flights.

By entering your name and plugging in information about the flight — flight number, gate, seat number, departing city, destination, departure, and arrival times and class — the site generates a boarding pass the program's creator says will get you past security checkpoints, even without ID.

Christopher Soghoian, creator of "The Northwest Airlines Boarding Pass Generator," knew he would be opening up a can of worms by writing the program and creating the site, but says it's the only way to show people how deeply flawed airport and airline security are.

I completely disagree: everyone knows that the superficial airport security theater—badly designed as it is, and as dependent as it is on dubious information and proof of identity—is, at best, purely for show. Many serious security thinkers have made the point, over and over again, that the way we've designed security at our airports doesn't make us more secure at all. This "research" serves no one, and it doesn't advance our understanding of the problem one bit.

On the other hand, the publicity generated by this goof will probably cause a general security freak out among bureaucrats and politicos. The nearly-inevitable result will be yet more meaningless security ritual the next time you fly.

Thanks, buddy.

Link [via Interesting People]

Tags: security, airports, boarding passes, TSA

GigaOm has the lowdown on Apple's .Mac mail reno, with a 2.0 twist:

A few weeks ago we mentioned that Apple’s dot mac email service was getting a bit of a Web 2.0 makeover, one that was long overdue. Well, the new email is live now, and it is a perfect embodiment of how Apple would incorporate the Web 2.0 technologies such as Ajax.

Nice to see Apple give .Mac some much-needed love, and mail is a good place for Apple to work their "fast follower" (except without the "fast" this time) magic of refining a user experience we're all familiar with. After all, they weren't the first with an MP3 jukebox, with a portable MP3 player, or with photo managemement software, but they still managed to do it better, making it easier for users, than anyone else had up 'til then.

Even so, .Mac has a long way to go before it's the network hub of your Mac life—your identity in the cloud. Until then, the $99 for .Mac looks like something of a ripoff compared to what you can do with Google, Yahoo!, or MSN/Microsoft Live for free.

Link

Tags: .Mac, Web 2.0, Google, Yahoo!, MSN

According to Read/Write Web, Google's moving to reorganize the way they serve large advertising customers:

"Three of my most credible resources, including DM News’s Giselle Abramovich, are indicating plans for a significant re-organization at Google. On the re-org, says Ms. Abramovich,

“What this means is that there would be one global account director per account, that pulls in resources to sell as needed – PPC (pay-per-click), Print, Radio, Video, Display, etc.”

This means Google will utilize different types of ads (CPC, CPM, CPA, etc) over all media channels – search, mobile, video, audio, etc.

The benefit for Google's customers is that it enables them to target certain leads across different types of media. They can do that from one 'console' and they will work with 1 Google salesperson/account manager on their account. Of course will the large advertising agencies be happy with this scenario of Google providing a one-stop shop?

In some ways, it doesn't make a difference to the big agencies. They're still going to be the strategic adviser to the advertiser. Of course, they lose some of the advertising channel fragmentation that made their planning and trafficking services necessary, but having Google consolidate a bunch of channels may lower costs for everyone.

This is the way big brand advertisers want to do business—one point of contact to control their targeting and spend.

The big losers will be the smaller players in the search ecosystem with significant large-scale clients: the larger, dedicated search engine markeitng (SEM) firms. Their promise was to optimize search campagins horizontally across search engines, so an advertiser (or their agent) would go to them to spend across multiple search engines. Google can ace them out with this reorganization, based in part on their increasing dominance of search engine marketing, and assuming they can find the right inventory and technology to support a major advertiser's brand and rich media campaigns (ie, stuff that isn't search). You can bet YouTube figures into that thinking. For smaller-scale advertisers, where search is the the biggest, if not only, line item in their marketing budget, this doesn't mean much—they'll still need search marketing consolidators.

It's an interesting hint of a maturing Google.

Link

Tags: Google, advertising, search engine marketing

Inspired by a posting in Marginal Revolution which in turn was inspired by an article in Wired, John B. of the blog Indefinite Articles has written Six-Word Stories about different programming languages. A sample:

• C#: I am so better than Java!
• Java: How did I become today's COBOL?
• Visual Basic: I was “it” once! What happened?
• Perl: They’ll come crawling back. You’ll see!

Link

TiddlyWiki:Because I have, apparently, been living under a rock for the past two years, I'd never heard of TiddlyWiki until recently. It's a stunning display of client-side Ajax power: a JavaScript-based wiki contained entirely in a single HTML file. No server-side logic required. Personal wiki wherever your laptop goes (regardless of network connection)? No problem. Wiki on a USB stick? Sure thing. Neat-o.

Tags: TiddlyWiki, wiki, Ajax

Just to illustrate how different our professional lives are, let me show you the swag from the meeting I attended in Boston last week:

That's it.

To be fair, I'm what you'd call an industry analyst; it would create a conflict of interest for a technology company to shower me with freebies. But, come on…

Tags: swag, lucky bastards

Some of the more commercially-minded members of the blogosphere got together at the Blog Business Summit in Seattle this week, and although I wasn't there, I've been following along from afar. One of the more interesting (to me) discussions was about measuring your audience and your reach; as vital a topic for Boeing as it is for Boing Boing, or any other corporate bloggers or upstart media concerns trying to make a go of microcontent as a living.

The summary of this chat was really that there is no silver bullet. There isn’t anything in blog/RSS analytics that tells you everything you need to know and tells it accurately.

An audience member added another point, “I don’t care about how many page views or visitors I really get. I care about getting the right visitors, the influential visitors, or the potential customer visitors. How can I tell who’s who?”

Having done some time in the online advertising technology and analytics world (I did a two-year bid at 24/7 Real Media before I got early parole for good behavior), I can tell you these concerns extend far beyond the blogging world. Every media company is struggling with the transformation from unnacountable advertising to very accountable ad models.

In the past, advertisers had to make due with not knowing how their marketing really peformed, trusting instead in audited audience numbers and qualitative surveys to tell them who a given media outlet was reaching. You want 18-34 year olds with a lot of discretionary income? Buy 30 seconds on Friends. Men aged 18-34 looking to buy a car? That would be Monday Night Football. Fat-cat investor types? The Wall Street Journal.

None of these media properties, of course, could prove that any of the advertising they carried actually did what it was supposed to do—sell stuff—but the advertiser took some comfort in the fact that there was nothing better they could do (short of direct mail, but that's got the stank of Valu-Pak all over it). The rise of very accountable online advertising, along with the cost-per-click model that GoTo/Overture/Yahoo! poineered (and Google perfected) is destroying that blissful ignorance.

This puts a lot of pressure on publishers to come up with the goods on their audience: how many? what do they look at? where do they come from? who are they? when do they show up? Not easy questions to answer.

Server logs are totally inadequate to the task, so no help there. JavaScript-based web analytics tools, whether they're the freebies from Google (based on the former Urchin product), or the heavyweight services from companies like Omniture (what GM's using to track you when you read their blogs or visit a GM site, incidentally) are far better bets. Even so, what can they tell you about who an audience member really is? it's an impossible dream. However, an emerging class of analytics-driven targeting services out there (like TACODA and Revenue Science) aim to do the next-best thing: target based on what a unique visitor does, both on and away from a publisher's site. In this way, someone who spends their day surfing videogame oriented sites would be shown ads for related products.

There are shortcomings, of course. To begin with, many people just don't want to be tracked this closely (even if the tradeoff is less irrelevant advertising). They surf with third-party cookies turned off, and with their browsers or firewalls set to block content from certain domains (I'm looking at you, doubleclick.com). And, as a small-scale publisher of a blog, the network that sells ad space on your site may, or may not, employ this kind of targeting. On the other hand, the advertiser isn't necessarily buying an individual property, they're buying a targeted segment (like "Web 2.0 buffs"); it's up to the ad network selling your inventory to classify your site into the right package.

So, ultimately, analytics are interesting, but not necessarily a primary concern to the blog author. A better use of our time is ensuring what we write is worth reading.

Uh-oh.

Link

Tags: advertising, blogs, media, analytics